Providing storage and security services with a smart personal gateway device

ABSTRACT

Embodiments provide storage, security, and other services to smart personal devices (SPDs) in a personal area network (PAN) via a smart personal gateway device (SPGD). The SPGD caches and shares data among SPDs having support for heterogeneous communication modalities. The SPGD acts as an offline cache or other common storage location for the SPDs in the PAN.

CROSS-REFERENCE TO RELATED APPLICATION

This application claims the benefit of pending U.S. ProvisionalApplication No. 61/834,422, filed Jun. 13, 2013, the entirety of whichis hereby incorporated by reference herein.

This application is related to a U.S. patent application entitled“Service Provisioning Through a Smart Personal Gateway Device,” which isincorporated by reference herein in its entirety.

BACKGROUND

The number of smart personal devices (SPDs) per person is continuouslyincreasing, such as laptops, smart phones, tablets, devices supportingBLUETOOTH brand communications, and media devices including digitalcameras. New devices are now entering the market from eyewear displays,cameras, smart watches, biometric devices, and more. Many devices areinconsistent in capabilities, and virtually no common services areavailable to all devices. For example, some of these devices have nonetworking, some support BLUETOOTH brand communications and/or wirelessfidelity (Wi-Fi), and some have full wide area network (WAN) cell phonestacks. Thus, some devices may talk to one of many networks, somedevices provide only data (e.g., no voice, location, persistent storage,etc.), some devices cannot talk to any other devices (e.g., like many oftoday's cameras), etc.

Some of the services require maintaining state information, such ascontacts, a music library, or a repository of messages sent andreceived. To maintain a consistent state across devices accessing commonservices, some of the existing systems maintain the state in a cloudservice or on the devices themselves. Maintaining the state in the cloudservice requires wide area connectivity and requires the devices to haverich communication capabilities (e.g., cellular radio stacks), both ofwhich have expensive product and communication costs. When maintainingthe state in the devices themselves, a lack of coherency between devicesresults in inconsistent state. For example, if one device changes thestate, another device will not see the change.

The devices also have access to information with high personal impactsuch as account passwords, financial transaction data, identitymanagement data for access to corporate data systems, and privatepersonal information. While some existing devices have secure elementsthat house authentication information (e.g., a trusted platform modulein each device), other devices use less secure per-device passwords tocontrol access to information on that specific device.

SUMMARY

Embodiments of the disclosure cache and share data among smart personaldevices (SPDs) having heterogeneous communication modalities. One of aplurality of the SPDs requests data from a cloud service. The pluralityof SPDs are connected to a smart personal gateway device (SPGD) by apersonal area network (PAN). The SPGD obtains the requested data over afirst communication modality and stores the obtained data in an SPGDcache associated with the SPGD. The SPD obtains the requested data fromthe SPGD cache over a second communication modality. The SPD lackssupport for the first communication modality.

This Summary is provided to introduce a selection of concepts in asimplified form that are further described below in the DetailedDescription. This Summary is not intended to identify key features oressential features of the claimed subject matter, nor is it intended tobe used as an aid in determining the scope of the claimed subjectmatter.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is an exemplary block diagram illustrating smart personal devices(SPDs) in a personal area network (PAN).

FIG. 2 is an exemplary block diagram illustrating a smart personalgateway device (SPGD) communicating with SPDs in a PAN.

FIG. 3 is an exemplary block diagram illustrating a high-levelthin-modem architecture for an exemplary SPGD.

FIG. 4 is an exemplary sequence diagram illustrating operation of theSPDs to request data from a cloud service via the SPGD.

FIG. 5 is an exemplary flow chart illustrating operation of the SPGD tocache data for the SPDs.

FIG. 6 is an exemplary flow chart illustrating operation of the SPGD toperform security operations on behalf of the SPDs.

FIG. 7 is an exemplary block diagram illustrating the SPGD performingservices on behalf of the SPDs when no wireless fidelity (Wi-Fi) accessis available.

FIG. 8 is an exemplary block diagram illustrating the SPGD performingservices on behalf of the SPDs when a Wi-Fi network is available.

Corresponding reference characters indicate corresponding partsthroughout the drawings.

DETAILED DESCRIPTION

Embodiments of the disclosure provide storage services to maintainconsistent state among smart personal devices (SPDs) 206 that accesscommon services in a personal area network (PAN) 202. Aspects of thedisclosure minimize data communication costs and tolerate outages inwide area connectivity while providing synchronization among the SPDs206. In some embodiments, the SPDs 206 share a common cache maintainedby a smart personal gateway device (SPGD) 204 in the PAN 202. The cacheprovides low latency, low energy, and low electronic cost access to ashared pool of information that may be used by all SPDs 206 in the PAN202. In this manner, the SPGD 204 acts as an offline cache, such as forcloud-based deferred access scenarios and/or for caching user settings,preferences, and the like, and makes the cached information available toother SPDs 206 owned by a user 102. The SPGD 204 also acts as a commonstorage location for asynchronous services such as voicemail, email, andvideo messaging, and for migrating tasks among the SPDs 206.

Some embodiments further use the SPGD 204 to provide identity andsecurity services to a collection of SPDs 206 in the PAN 202. The SPGD204 contains heavy weight authentication mechanisms such as finger printreaders, other biometric sensors or physical secure elements that wouldbe prohibitive to incorporate in small wearable SPDs 206. In this mannerand others, the SPGD 204 may serve as a central security controller forthe PAN 202, and provide physical identity and security mechanism thatprovide more robust security than what may be possible in small SPDs206. The SPDs 206 are authenticated by the SPGD 204 and enjoy a greaterlevel of trust amongst themselves. The SPDs 206 in the PAN 202 gaincredentials from their authenticated association with the gateway thatpermit them to access resources they would not be able to access withoutthe credentials provided by the gateway. The SPDs 206 may authenticatewith more than one SPGD 204, and thereby may have multiple sets ofcredentials. In some embodiments, while the authentication state of eachSPD 206 is maintained, aspects of the disclosure may requirere-authentication or new entry if range limits are exceeded (e.g., theSPD 206 moves away from the SPGD 204), if there is a connectivity loss,and/or if other conditions occur.

Referring to the figures, embodiments of the disclosure augmentcapabilities of the SPDs 206 in the PAN 202 of the user 102. In someembodiments, the capabilities of the SPDs 206 are augmented usingcomputing resources of the SPGD 204. The SPDs 206 may consume one ormore services from the PAN 202 and/or provide one or more services tothe PAN 202.

As an example, the SPGD 204 searches for SPDs 206 within a range (e.g.,three meters) of the SPGD 204, authenticates with any detected SPDs 206,and provides a service list or other catalog to the detected SPDs 206.The catalog includes a list of services provided by the SPGD 204, suchas those services described herein. The SPGD 204 is capable ofsupporting common services for all SPDs 206 in the PAN 202, in someembodiments, such as location, near field communication (NFC) payment,building/car access, write cache (e.g., for offline cloud access),common cache for device synchronization, common network storage, etc.Alternatively or in addition, each detected SPD 206 provides a list ofservices supported by the SPD 206 to the SPGD 204. In this manner, eachof the detected SPDs 206 subscribes to particular services offered by,or through, the SPGD 204 to immediately augment the internalcapabilities of the SPD 206.

Exemplary services include, but are not limited to cellular data, widearea network (WAN) data connectivity, cellular voice services, localarea network (LAN) connectivity (including both wired and wireless),body area network connectivity, authentication services, short messageservice (SMS), audio capture, video capture, image capture (e.g.,camera), visual display, audio rendering and output, human interface(e.g., touch screen, button), media library and storage, file system,address book, geographic location, inertial motion, and calendar.

In some embodiments, SPD 206 refers to a smart (e.g., containsprocessing capabilities and generally some form of user interface (UI)and/or user experience) personal (e.g., worn, carried, and/or mobile)device. Examples include mobile phones (e.g., without modems), wristand/or glasses based devices, and even personal computer laptop devices.However, the SPD 206 may also include non-user-experience orienteddevices such as biometric sensors, simple information (like lightemitting diode (LED) or segment displays), and/or capture devices suchas a necklace camera.

In some embodiments, SPGD 204 refers to a common device used by multipleSPDs 206 to provide multiple disaggregated services to SPDs 206supporting a common interface (e.g., potentially over multiple wiredand/or wireless communication paths). With a small form factor in someembodiments, the SPGD 204 disappears into the lifestyle of the user 102,is easy to carry on-person at all times, is simple to configure, issimple to charge, connects with all SPDs 206 of that user 102, andsupports all mobile products, in some embodiments. While the SPGD 204 isdescribed in some embodiments herein as a dedicated device, thefunctionality of the SPGD 204 may be implemented by one of the SPDs 206in the PAN 202. Such an SPD 206 may also provide or consume servicesoffered through the functionality of the SPGD 204.

Aspects of the disclosure further contemplate an easily carried (e.g.,credit card size) device (e.g., the SPGD 204) to bring additionalcapabilities and consistent capabilities to users 102 with multiple SPDs206. For example, the thickness of the SPGD 204 may be about thethickness of four stacked credit cards. In some embodiments, the SPGD204 is not a mobile telephone (e.g., not a smartphone).

Aspects of the disclosure disambiguate the hardware and/or softwareassociated with communication modalities from the SPDs 206. Rather, suchhardware and/or software is provided by the SPGD 204 to those SPDs 206,thus reducing the hardware and/or software complexity and cost of eachSPD 206.

As a non-limiting example of the SPGD 204 in operation, the SPD 206operating in connection with the SPGD 204 may make a telephone callwithout the SPD 206 actually having the hardware and/or softwarefunctionality to make a telephone call. The SPGD 204 provides thecellular modem and communication stack functionality to the SPD 206. Forexample, a Wi-Fi-only SPD 206 may make a cellular telephone call byconnecting through the SPGD 204.

As an example, the SPGD 204 includes a device acting as a centralcommunications hub and service provider for multiple SPDs 206. The SPGD204 contains multiple communication hardware and/or software to supportlong-term evolution (LTE), Wi-Fi, BLUETOOTH brand communications, andmore. The SPGD 204 has a CPU that not only routes traffic, but alsoprovides services such as voice for all the SPDs 206 that connect to it.The SPGD 204 also provides multiple optional services such as commonstorage, data caching, location, authentication, and NFC payment, set-upand/or other financial transactions on behalf of the SPDs 206. Ingeneral, the SPGD 204 enables SPDs 206 to have a far richer set ofcapabilities and communication without burdening each SPD 206 withsignificant overhead in size, power consumption, and/or cost to supportsuch capabilities.

In general, the SPGD 204 operates as a single common endpoint tocarrier-based (e.g., WAN) networks, and provides more functionality thanexisting hotspots by, for example, supporting voice services on carriergrade voice including circuit switched (CS), voice over LTE (VoLTE),and/or voice over Internet Protocol (VoIP) services. Other carrier andover-the-top (OTT) services such as SMS, instant messaging (IM), videoconferencing, gaming, and more are also supported in some embodiments.Further, multiple types of metro-area networks from traditional carriersolutions such as LTE to white-space and satellite are also operablewith the SPGD 204.

In some embodiments, the SPGD 204 is capable of supporting either asingle hub approach for communications between multiple SPDs 206 (e.g.,Wi-Fi), or a gateway function between the SPGD 204 and SPDs 206 viaalternative wireless links such as BLUETOOTH brand communications,multiple channel Wi-Fi, multi-band Wi-Fi, time-division-multiplexing(TDD) based Wi-Fi, wireless universal serial bus (USB), 802.11ad, etc.Some implementations of the SPGD 204 may also resolve access point andWi-Fi Direct concurrent access issues by either supporting multipleWi-Fi radios and/or Wi-Fi multiplexing.

Referring next to FIG. 1, an exemplary block diagram illustrates SPDs206 in the PAN 202. In the example of FIG. 1, the user 102 carries avariety of SPDs 206 including head worn SPDs 206 (e.g., eyeglasses,hats), wrist worn SPDs 206 (e.g., a watch), “slab” form factor SPDs 206(e.g., tablets, smart mobile telephones), and other SPDs 206 (e.g.,laptops). Some of the SPDs 206 may support Wi-Fi and BLUETOOTH brandcommunications, while other SPDs 206 may provide WAN support. Asdescribed herein, the SPGD 204 forms the PAN 202 to enable thecollection of SPDs 206 of the user 102 to communicate with WANs such asthose providing cloud services and phone services. In general, the SPGD204 implements the functionality described herein to provide a gatewaybetween the SPDs 206 and the WAN. While described in some embodiments asproviding a gateway between the PAN 202 of SPDs 206 and at least onecellular network, aspects of the disclosure operate to provide a gatewaybetween the PAN 202 and any type of WAN (e.g., satellite, white space,etc.). Further, the SPGD 204 establishes, forms, or otherwise createsthe PAN 202 for the SPDs 206 to communicate with each other and with theservices and devices in the WAN.

The SPGD 204 creates the PAN 202 based on an interaction between theSPDs 206 and the SPGD 204. In a registry-based example, the SPGD 204searches for SPDs 206 within a range (e.g., three meters) of the SPGD204 device, authenticates with any detected SPDs 206, and provides thecatalog of services or other service list to the detected SPDs 206. Thecatalog of services describes services provided by the SPGD 204, such as(but not limited to) voice services, gaming services, authenticationservices, communication services, etc. The catalog may also includeservices supported by the detected SPDs 206 and identified to the SPGD204 by the SPDs 206.

Each of the detected SPDs 206 may subscribe to particular servicesoffered by the SPGD 204 and identified in the catalog. The SPGD 204maintains subscription information (e.g., a list of services) in memory,such as in a register, subscription list, database, etc. The SPGD 204acts as a service broker to the SPDs 206 providing services and the SPDs206 consuming services. In some embodiments, the SPGD 204 acts as anendpoint for those subscribed services to the WAN, and acts as a serverto the SPDs 206 subscribed to those services. For example, the SPGD 204may cache electronic mail messages received from an electronic mailservice in the WAN, identify one or more of the SPDs 206 subscribed tothe electronic mail service, and notify the SPDs 206 subscribed to theemail service that emails are available. In this manner, the SPGD 204downloads the emails once and provides them to the SPDs 206 uponrequest, rather than having each SPD 206 in the PAN 202 individuallydownload each of the emails from the WAN.

Referring next to FIG. 2, an exemplary block diagram illustrates theSPGD 204 communicating with SPDs 206 within the PAN 202 to cache andshare data with heterogeneous communication modalities. In the exampleof FIG. 2, the SPGD 204 communicates with the user 102 and a pluralityof SPDs 206, such as SPD #1 through SPD #N. At least one of the SPDs 206includes an SPD processor 208. The SPD processor 208 includes anyquantity of processing units, and is programmed to executecomputer-executable instructions for implementing aspects of thedisclosure. The instructions may be performed by the SPD processor 208or by multiple processors executing within the SPD 206, or performed bya processor external to the SPD 206. In some embodiments, the SPDprocessor 208 is programmed to execute instructions such as thoseillustrated in the figures (e.g., FIG. 4). In some embodiments, the SPDprocessor 208 represents an implementation of analog techniques toperform the operations described herein. For example, the operations maybe performed by an analog computing device and/or a digital computingdevice.

The SPGD 204 has a plurality of computing resources associatedtherewith. The computing resources include, but are not limited to, anSPGD processor 210, an SPGD memory area 212, and at least one securitymodule 218. The SPGD processor 210 includes any quantity of processingunits, and is programmed to execute computer-executable instructions forimplementing aspects of the disclosure. The instructions may beperformed by the SPGD processor 210 or by multiple processors executingwithin the SPGD 204, or performed by a processor external to the SPGD204. In some embodiments, the SPGD processor 210 is programmed toexecute instructions such as those illustrated in the figures (e.g.,FIG. 5 and FIG. 6). In some embodiments, the SPGD processor 210represents an implementation of analog techniques to perform theoperations described herein. For example, the operations may beperformed by an analog computing device and/or a digital computingdevice.

The SPGD memory area 212 includes any quantity of computer readablemedia associated with or accessible by the SPGD 204. The SPGD memoryarea 212 may be internal to the SPGD 204 (as shown in FIG. 2), externalto the SPGD 204 (not shown), or both (not shown). In some embodiments,the SPGD memory area 212 includes read-only memory and/or memory wiredinto an analog computing device.

The SPGD memory area 212 stores, among other data, one or moreapplications 214. The applications 214, when executed by the SPGDprocessor 210, operate to perform functionality on the SPGD 204.Exemplary applications 214 include mail application programs, webbrowsers, calendar application programs, address book applicationprograms, messaging programs, media applications, location-basedservices, search programs, and the like. The applications 214 maycommunicate with counterpart applications or services such as webservices accessible via a network. For example, the applications 214 mayrepresent downloaded endpoint applications that correspond toserver-side services executing in a cloud (e.g., cloud 702 in FIG. 7 andFIG. 8).

The SPGD memory area 212 further stores an SPGD cache 216 maintained bythe SPGD 204. The SPGD cache 216 is accessible to the SPDs 206. In someembodiments, the SPGD cache 216 represents an allocated portion of theSPGD memory area 212. The SPGD cache 216 stores data received from thecloud service and/or data received from one or more of the SPDs 206. Forexample, the SPGD cache 216 stores represents media library storage,file system storage, calendar storage, and/or address book storage.

The computing resources further include one or more of the securitymodules 218. The security modules 218 represent hardware and/or softwarefunctionality for accessing secure resources. For example, the securitymodules 218 may include a trusted platform module (TPM) 220. The TPM 220stores security data, such as user passwords.

The computing resources of the SPGD 204 may also include one or morecommunication interfaces and/or network interfaces such as acommunications stack, a cellular modem, NFC radio and coil, globalpositioning system (GPS) receiver and/or transmitter, and the like. Thecommunications interfaces, in some embodiments, include hardware and/orcomputer-executable instructions (e.g., a driver) for operating thecommunications interfaces. Communication between the SPGD 204 and otherdevices may occur via the communications interfaces with any protocol ormechanism over any wired or wireless connection.

In an example in which at least one of the SPDs 206 lacks cellular voiceservices, the computing resources of the SPGD 204 further include acellular modem and a communication stack. In this example, at least oneof the SPDs 206 makes a telephone call via the SPGD 204.

The computing resources of the SPGD 204 may also include one or moreuser interface components, such as a graphics card for displaying datato the user 102 and receiving data from the user 102. The user interfacecomponents may also include computer-executable instructions (e.g., adriver) for operating the graphics card. Further, the user interfacecomponents may include a display (e.g., a touch screen display ornatural user interface) and/or computer-executable instructions (e.g., adriver) for operating the display. The user interface component may alsoinclude one or more of the following to provide data to the user 102 orreceive data from the user 102: speakers, a sound card, a camera, amicrophone, a vibration motor, one or more accelerometers, a BLUETOOTHbrand communication module, a projector, and a photoreceptive lightsensor. For example, the user 102 may input commands or manipulate databy moving the computing device in a particular way.

In some embodiments, one or more of the user interface components mayact as an input interface (e.g., a touch service or touch device) forone or more of the SPDs 206 (e.g., the SPDs 206 that are limited-inputdevices such as glasses-based solutions). In such embodiments, the SPGD204 has a touch surface on at least one side. Alternatively or inaddition, the SPGD 204 may act as a pointer (e.g., with gross navigationvia sensors such as a gyroscope and/or accelerometer, or with finenavigation if a traditional mouse sensor is incorporated).

The SPGD 204 may also be used as a game controller in combination withone or more of the SPDs 206. Sensors (e.g., gyroscope, accelerometer,compass, etc.) in the SPGD 204 allow detection of motion that is usedfor controlling games, scrolling, and more on the SPDs 206. Buttons,touch surfaces, and the like on the SPGD 204 may also implementtraditional game console controller capabilities for other SPDs 206.

The example of FIG. 2 illustrates the SPGD 204 incorporating a projectoror other projection-based solution, instead of or in addition to ascreen or other display. In these embodiments, the SPGD 204 may uselocal compute capabilities, or leverage one of the SPDs 206, to generatethe images. In this case, the projector may be driven by an encodedvideo stream (e.g., H.264/H.265) or static images (e.g., jointphotographic experts group (JPEG)/M-JPEG). Alternatively or in addition,the SPGD 204 may have a small display that acts as a second screendriven by another SPD 206. Users 102 may then use this fornotifications, appointments, present time, and more. In still otherembodiments, the SPGD 204 lacks a display or any display capabilities.

For scenarios in which the SPGD 204 is placed in a pocket or wallet ofthe user 102, sensors on the SPGD 204 (e.g., gyroscope, accelerometer,thermometer, heart rate monitor, etc.) may be used to provide servicessuch as a pedometer, activity monitoring, calorie counting, pulse, etc.to the user 102.

The SPGD 204 may be implemented by any computing device configured asdescribed herein. The computing device represents any device executinginstructions (e.g., as application programs, operating systemfunctionality, or both) to implement the operations and functionalitydescribed herein. For example, the SPGD 204 is implemented as astandalone device separate and distinct from a mobile telephone. Inother examples, one or more aspects of the functionality of the SPGD 204may be implemented by a mobile computing device or any other portabledevice. In some embodiments, the mobile computing device includes amobile telephone, laptop, tablet, computing pad, netbook, gaming device,and/or portable media player. The SPGD 204 may also be implemented byless portable devices such as desktop personal computers, kiosks,tabletop devices, industrial control devices, wireless chargingstations, and electric automobile charging stations. Additionally, theSPGD 204 may represent a group of processing units or other computingdevices.

While the SPGD 204 contains sufficient compute resources to run servicessuch as data and voice gateways, the SPGD 204 in some embodiments allowssome tasks to be computed by the SPDs 206, in the cloud, and/or by theSPGD 204 (e.g., effectively acting as a local cloud or applicationsengine). Example services include voice recognition, facial recognition,non-GPS-based location, music recognition, and more.

Referring next to FIG. 3, an exemplary block diagram illustrates ahigh-level thin-modem architecture 302 for an exemplary SPGD 204. Whilethe exemplary thin-modem architecture 302 includes the componentsillustrated in FIG. 3, aspects of the disclosure are operable with athin-modem architecture having additional or fewer components. Thethin-modem architecture is used to support WAN communications, alongwith an integrated computer applications processor. Additional radiossuch as for Wi-Fi, BLUETOOTH brand communications, etc. may be connectedto the thin-modem architecture 302 to support communications to SPDs 206and network access points. Dynamic random access memory (DRAM), or othermemory, may be used for dynamic storage for the thin-modem complex, withflash-based local or user supplied secure disk input output (SDIO) flashfor program code, applications code, application data, media, and thelike. A power complex drives internal power rails, battery charging, andstart-up sequencing, and an additional wireless charging solution may beused to charge a local battery. Additional components such as asubscriber identity module (SIM) card, sensors, microphone, GPStransceiver, and the like may be added to the primary board to enhancefunctions of the SPGD 204. An applications processor (e.g., the SPGDprocessor 210) in the thin-modem architecture 302 executes code toimplement the services described herein. In some embodiments, the SPDs206 execute complementary code to complete the functionality of theservices.

The thin-modem architecture 302 enables the SPGD 204 to be operable withexisting and future standards that may be leveraged for varioussynchronization and caching operations. Examples of present standardsinclude cloud storage synchronization, mail synchronization, deferredapplication loading on mobile devices, network file storage, deviceproperties, and more.

Referring next to FIG. 4, an exemplary sequence diagram illustratesoperation of the SPDs 206 to request data from a cloud service via theSPGD 204. One of the SPDs 206 requests data from a cloud service, andthe request is passed to the SPGD 204. The requested data includes, forexample, music, images, videos, a news feed, an application update, anoperating system update, an electronic mail attachment, and/or socialnetworking feed content.

The SPGD 204 obtains the requested data from the cloud service over afirst communication modality, and stores the obtained data in the SPGDcache 216. The requesting SPD 206 retrieves the obtained data from theSPGD cache 216 over a second communication modality. The requesting SPD206 then processes the data received from the SPGD cache 216. In someembodiments, the requesting SPD 206 receives the data from the SPGDcache 216 when the first communication modality is unavailable. Thefirst communication modality may become unavailable, for example, as theuser 102 changes location (e.g., goes out of range of a cellular tower).

Alternatively or in addition, other SPDs 206 (e.g., other than therequesting SPD 206) may retrieve the data from the SPGD cache 216 (e.g.,if authorized by the user 102). In some embodiments, the requesting SPD206 lacks support for the first communication modality. As an example,the first communication modality includes cellular radio communications,and the second communication modality includes Wi-Fi radiocommunications. However, other modalities are contemplated for each ofthe first communication modality and the second communication modality.

Referring next to FIG. 5, an exemplary flow chart illustrates operationof the SPGD 204 to cache data for the SPDs 206. The operationsillustrated in FIG. 5 are described with reference to execution by theSPGD 204. However, aspects of the disclosure contemplate execution ofone or more of the operations by other devices or processors.

At 502, the SPGD 204 determines whether the SPGD 204 has received datafrom the cloud service, or from any of the SPDs 206 in the PAN 202. Ifso, the SPGD 204 stores the received data in the SPD cache at 504. TheSPGD 204 may receive the data over any communication modality. In someexamples, the SPGD 204 receives the data from the cloud service over afirst communication modality. In some of these examples, at least one ofthe SPDs 206 lacks support for the first communication modality. At 506,the SPGD 204 determines whether the SPGD 204 has received a request fordata in the SPGD cache 216 from one or more of the SPDs 206. Forexample, operation 506 may occur at some time subsequent to receipt bythe SPDG of the requested data, or in response to receipt by the SPGD204 of the requested data.

If the SPGD 204 has received a request for data in the SPGD cache 216,the SPGD 204 shares the requested data from the SPGD cache 216 with therequesting SPD(s) 206 at 508. For example, sharing the request data withthe SPDs 206 may occur over a second communication modality (e.g.,different from the first communication modality), or anothercommunication modality. In an example in which multiple SPDs 206 requestthe data from the SPGD cache 216, the data may be shared with the SPDs206 over different communication modalities, such as over Wi-Fi to oneSPD 206 and over BLUETOOTH brand communication to another SPD 206.

In embodiments where the SPGD 204 receives data (e.g., state data) forcaching from a first one of the SPDs 206, the SPGD 204 shares at least aportion of the cached data with a second one of the SPDs 206. Forexample, the SPGD 204 shares the cached data to maintain a consistentstate between the first one of the SPDs 206 and the second one of theSPDs 206.

In some embodiments, the operations illustrated in FIG. 5 enable theSPGD 204 to act as an offline cache for cloud-based, deferred accessscenarios where streams of content are loaded into the SPGD 204 duringlow-cost cloud access (e.g., Wi-Fi at home) to be used later. Thisincludes, but is not limited to, deferred watching of movie content,updates of subscribed feeds (e.g., really simple syndicate (RSS) feeds),updates of applications and operating systems, downloading attachments(e.g., large content) in emails, and/or retrieving social networkingfeed content. The cache service of the SPGD 204 queues or holds, forexample, requests for large amounts of data until desirable networks areavailable (e.g., cheaper and/or faster). For example, the SPGD 204 maydelay requests from the SPDs 206 for data from the cloud service untilthe SPGD 204 establishes a low-cost connection to the cloud service(e.g., via the first communication modality). The SPGD 204 then makesthe requested data available to multiple SPDs 206 after caching, eitherin response to a user request (e.g., for deferred load purposes), basedon user characteristics (e.g., large data, common tasks, etc.) forpre-caching, based on size rules on download requests, and/or based onother criteria.

In a particular example, the SPGD 204 receives movie data from the cloudservice, and subsequently shares the received movie data with one ormore of the SPDs 206 on demand. In another example, the SPGD 204 acts asa common storage location to receive data relating to asynchronousservices from the cloud service, such as voicemail, electronic mail,and/or video messaging.

In another example, the SPGD 204 receives, from at least one of the SPDs206, user data including, but not limited to, search history, web sitefavorites, copy-and-paste data, undo/redo data, electronic mail addresscompletion data, and/or previous map destinations. In yet anotherexample, the SPGD 204 receives, from at least one of the SPDs 206, userinterface personalization information including, but not limited to,data indicating whether a user of the first one of the SPDs 206 isright- or left-handed, a screen brightness value for an ambient lightsensor (ALS), data describing preferred gestures, speech recognitionhints, and/or language selections. In still another example, the SPGD204 receives, from at least one of the SPDs 206, user settings and/orpreference data and make such data available to other SPDs 206 owned bythe user 102 and within the PAN 202. Further, any of the data receivedfrom the SPDs 206 may be synchronized with the cloud when low-costnetworks become available. However, even when WAN or Wi-Fi access is notpossible, the SPDs 206 may share any update between SPDs 206 via theSPGD 204 if the SPGD 204 is powered on, in range, and accessible (e.g.,authenticated).

In some embodiments, aspects of the disclosure store and/or retrievedata from the WAN over expensive network links less frequently thanstoring and/or retrieving data from the SPDs 206 over reduced costnetwork links. For example, data may be synchronized once with the WANand multiple times with the SPDs 206.

In this manner, the SPGD 204 caches portions of cloud content foroffline access by the SPDs 206. This may be controlled, for example, byuser set thresholds, direct user selection, playlists, random selection,etc. Examples include caching favorite music, photos, videos, etc.Non-user owned content such as music services may also be cached foroffline playback, and the SPGD 204 supports digital rights management(DRM) protection standards in some embodiments.

By storing data from one SPD 206 for sharing with another SPD 206, theSPGD 204 enables task migration among SPDs 206. Aspects of thedisclosure enable the user 102 to move from one SPD 206 to another withno loss of state. That is, the user 102 may switch from one SPD 206 toanother without having to restart partially completed tasks from thebeginning. The user 102 may start on one SPD 206 from where the user 102left off on another SPD 206. For example, the user 102 may start readinga web page on a first SPD 206 and request to use the content on a secondSPD 206 (e.g., a Top-of-Mind content). The first SPD 206 provides, tothe SPGD 204, state data including, for example, a pointer (e.g.,bookmark) to a location within content stored in the SPGD cache 216. Thesecond SPD 206 obtains the pointer from the SPGD cache 216, and resumesdisplay of the content on the second SPD 206. For example, the secondSPD 206, or any other SPD 206 of that user 102 (e.g., in the PAN 202),may then pull down the Top-of-Mind content and allow the user 102 tocontinue reading the web page from the exact location in the web page asread on the first SPD 206. This allows, among other things, caching ofcontent and pointers to previous SPD view windows (or wireless displays)even when those previous SPDs 206 are not available.

The storage service of the SPGD may further support multi-level caching.In one example, a level 1 (L1) cache exists in one of the SPDs 206, anda level (L2) cache exists in the SPGD 204 for primary storage. The sizelimits and cache rules may be per level. For example, each SPD 206 maykeep one gigabyte (GB) of music in the L1 cache, while the SPGD 204 maykeep four GBs in the L2 cache for a larger (e.g., 50 GB) music libraryin the cloud. When music expires or is listened to, the caches updatebased on the user's rules.

Referring next to FIG. 6, an exemplary flow chart illustrates operationof the SPGD 204 to perform security operations on behalf of the SPDs206. The operations illustrated in FIG. 6 are described with referenceto execution by the SPGD 204. However, aspects of the disclosurecontemplate execution of one or more of the operations by other devicesor processors.

At 602, the SPGD 204 determines whether it has received a request, for aresource, from one of the SPDs 206 that lacks credentials for accessingthe resource. For example, accessing the resource may require aparticular encryption, biometric sensor, or other security module 218not available on the requesting SPD 206 to produce the credentials. Assuch, the SPD 206 itself is not able to access the resource.

At 604, the SPGD 204 obtains the credentials via at least one of thesecurity modules 218 of the SPGD 204. The credentials may be obtained inresponse to the resource request from the SPD 206, or may be obtained inadvance of such a resource request. Exemplary credentials include, butare not limited to, a digital certificate, a cookie, and/or data in anyother data structure. The SPGD 204 may obtain the credentials from theWAN, or from another one of the SPDs 206.

At 606, the SPGD 204 authenticates the requesting SPD 206 (e.g., verifyuser name and password, evaluate a certificate, etc.). At 608, the SPGD204 provides the credentials to the requested SPD 206 based on theauthentication (e.g., if the SPGD 204 is able to successfullyauthenticate the SPD 206). The SPD 206 is then able to access theresource via the credentials provided by the SPGD 204.

In some embodiments, the SPGD 204 aggregates credentials from aplurality of SPDs 206 in the PAN 202 for use by the SPDs 206 in the PAN202. For example, the SPGD 204 may hold all the user's passwords tovarious web sites and/or other secure on-line applications in one ormore of the security modules 218 (e.g., the TPM 220). Anytime the user102 accesses a secure web site via one of the SPDs 206, a secureconnection is set up between the SPGD 204 and the web site. This enablesaccess of password and user name data (e.g., secured) potentially fromany or all of the user's various credit card, bank, or other accounts.Anytime the user 102 uses one of the previously authenticated devices(e.g., all the SPDs 206 the user 102 owns, and/or any wirelesslyconnected PCs or other devices used to access the web), the secureinformation (e.g., login information) is filled in automatically fromdata stored in the TPM 220. This saves considerable time and effort onthe part of the user 102. By having the SPGD 204 with the user 102 atall times, the SPGD 204 serves as a wireless “key” that unlocks all theaccounts for the user 102 automatically. In some embodiments, the SPGD204 provides access to the accounts without explicit user input oraction. In this manner, the SPGD 204 offers security information fromthe TPM 220 on behalf of the SPDs 206 when the SPDs 206 attempt toconnect to the WAN (e.g., the cloud service).

In another example, the security module 218 includes an NFC radio andcoil. The SPGD 204 performs financial transactions on behalf of the SPDs206 using the NFC radio and coil. For example, the SPGD 204 may use theNFC hardware and software on either the SPGD 204 (e.g., button orbiometric) and/or remotely on the SPD 206 (e.g., button or biometric) toallow payment. In some embodiments, the SPGD 204 may act as a smartcredit card service providing potentially new sequenced keys and/or cardnumbers per transaction. NFC may also be used for digital cash (e.g.,Bitcoins, points, or other virtual currency) with cryptography,authentication organizations, etc. Further, the SPGD 204 may also trackall transactions based on use of its NFC, credit card, or cashfunctions. These tracked transactions may be used for reconciliation,spending data analysis, balances, and other data mining. The SPGD 204may act as a secondary authentication source by only allowing access toother SPDs 206 that are within a specific range (e.g., distancedetermined by radio signal strength). Additionally, the SPGD 204 may actas a work access badge, electronic time card, and the like.

In still another example, one of the security modules 218 of the SPGD204 implements a hardware firewall capable of deep packet inspection(e.g., on data packets incoming to the PAN 202 from the WAN). Thehardware firewall functionality in the SPGD 204, in some embodiments,allows the cracking of all packets coming in from the Internet (e.g.,because the SPGD 204 has all the user's keys). Some or all of thenetwork traffic (e.g., email) may be inspected for virus signatures inthis way. Alternatively or in addition, the SPGD 204 may implement asoftware firewall.

The SPGD 204 and the SPDs 206 may operate in at least two modes. WhenWi-Fi is not available (e.g., see FIG. 7), there is no access to Wi-Fiinfrastructure for non-carrier based data access. When the SPD 206 is inthe presence of Wi-Fi infrastructure but unable to use theinfrastructure (e.g., due to lack of rights or other authentication),the SPD 206 and SPGD 204 operate as if the Wi-Fi infrastructure is notavailable. In this mode, the SPGD 204 appears to the SPDs 206 as anaccess point for Wi-Fi communications. Any request to a WAN-basedservice (e.g., a cloud service) from the SPD 206 is routed from the SPD206 via the SPGD 204 to the WAN-based network, as described next withreference to FIG. 7.

Referring next to FIG. 7, an exemplary block diagram illustrates theSPGD 204 performing services on behalf of the SPDs 206 when no Wi-Fiaccess is available. The SPGD 204 acts as an endpoint to servicesoffered by the cloud 702 (e.g., the WAN), and as a server for thoseservices to the SPDs 206 within the PAN 202. In the example of FIG. 7,the exemplary SPDs 206 include a watch, a slab device, and glasses. Thedifferent SPDs 206 are equipped with different hardware. For example,the watch has a display, sensors, a Wi-Fi radio, a BLUETOOTH brandcommunications module, and a touch interface. The slab has a display,one or more cameras, a Wi-Fi radio, a BLUETOOTH brand communicationsmodule, and a touch interface. The glasses have a projector, a camera, aWi-Fi radio, a BLUETOOTH brand communications module, and a touchinterface. The SPGD 204 communicates with the SPDs 206 via Wi-Fi and/orBLUETOOTH brand communications. As an example, the SPGD 204 maycommunicate with other SPDs 206 via Wi-Fi only.

In contrast, referring next to FIG. 8, an exemplary block diagramillustrates the SPGD 204 performing services on behalf of the SPDs 206when a Wi-Fi network is available. When Wi-Fi is available, there is anaccess point where SPDs 206 and SPGD 204 may authenticate. In this mode,the access point is used for at least a portion of the datacommunication to WAN-based services (e.g., the cloud 702). VoIPvoice/video/etc. may be processed directly from the SPD 206 (e.g., thatmay have advantages in power and/or latency) or be processed via theSPGD 204 (e.g., that has advantages such as call continuity). In thismode, the SPDs 206 form direct connections to the access points in theWi-Fi network, but the SPGD 204 architecture also allows allcommunications to be routed through the SPGD 204 if desired for cachingor other purposes. When SPDs 206 connect directly to the Wi-Fi accesspoint, another data path may be created with the SPGD 204 via a numberof methods such as BLUETOOTH brand communications or other non-Wi-Finetworks, Wi-Fi multi-channel multiplexing, indirectly over the accesspoint (e.g., local IP routing), and/or via a separate Wi-Fi radio. Thisadditional data path or channel provides the SPD 206 with access tofeatures such as caching, wireless storage, set-up, and other services(e.g., location services from a GPS of the SPGD 204).

In either or both modes (e.g., with Wi-Fi, or without Wi-Fi),communications between SPD 206 and SPGD 204 leverage low-power Wi-Ficoncepts (e.g., active power control including reduced power amplifierpower for short distance that adapts to changing conditions andoptimization of modulation efficiency) to reduce overall battery drainon these devices and to reduce spectrum spatial footprint (e.g., allowlarge numbers of users 102 of SPD/SPGDs in a single area) compared toexisting 802.11 standards.

Other Exemplary Services Provisioned by the SPGD

The SPGD 204 may also provision non-voice services to the SPDs 206. Insome examples, the SPGD 204 acts as a central notification server and/orredirection server to avoid waking the SPDs 206 upon receipt of externalcloud events (e.g., score update from a subscribed sports service),e-mail events, calendar events, instant message, SMS message, and thelike. In these examples, the SPGD 204 queues messages sent from thecloud services to one or more of the SPDs 206 in the PAN 202. When theuser 102 enables or other activates one of the SPDs 206 (e.g., wake fromidle), the SPGD 204 transfers the cached notification, events, messages,etc. to that SPD 206.

The SPGD 204 may also act as a single sink or other endpoint for cloudtraffic, such as when the cloud traffic is transmitted over cost-basednetworks. For example, the SPGD 204 receives an email from the WAN via acost-based LTE network, but then transmits the email from the SPGD 204to each of the SPDs 206 via a free or reduced cost link (e.g., overWi-Fi) when the SPDs 206 are ready to consume the data. For example, theSPDs 206 may consume multiple packages from multiple services in onetransmission or via one request from the SPD 206 to the SPGD 204. TheSPGD 204 handles similar subscription services other than email in asimilar manner (e.g., music, news, stock, weather, social networking,etc.).

The SPGD 204, when used with an associated cloud service, may alsoperform compression/decompression on content received from the cloud(e.g., cloud 702) for the SPDs 206 or sent to the cloud from the SPDs206. While some existing solutions allow reduction of WAN trafficthrough data compression, the compression and decompression operationsof the SPGD 204 and SPDs 206 are managed by the SPGD 204 withoutapplications and/or operating system (OS) code on each SPD 206 beingaware of the this service (e.g., the SPGD 204 handles thecompression/decompression on behalf of the SPDs 206). As such, while theSPGD 204 is aware of the compression/decompression mechanisms andservices, the SPDs 206 are not aware. For example, on downlink, thecloud service compresses the content and sends it to the SPGD 204. TheSPGD 204 decompresses the content and sends the decompressed content tothe SPDs 206 subscribed to receive the content. On uplink, the SPGD 204receives uncompressed content from the SPDs 206, compresses the content,and sends the compressed content to the cloud service. The cloud servicethen decompresses the compressed content received from the SPGD 204.Another example includes web pages in which a request is made for a webpage, but the request is sent through a proxy server. The proxy servergets the web page, compresses the web page, and sends the compressed webpage back to the SPGD 204. The SPGD 204 then decompresses the content,and sends it on further to the SPD 206.

Additional Examples

Some embodiments contemplate at least one of the SPDs 206 being capableof accessing multiple SPGDs 204 at one time. For example, the SPD 206selects among the SPGDs 204 to obtain data from the WAN. One exampleincludes the user 102 having a personal SPGD and a work or professionalSPGD, with some of the SPDs 206 connected to both SPGDs 204. In thisexample, incoming calls, alerts, messages, and other data are routedthrough the appropriate SPGD 204 to the SPDs 206 to partition orotherwise attribute the data (e.g., to attribute or track costs) based,for example, on whether the data being routed is associated with apersonal account or a work/professional account. Data from the SPDs 206may be similarly routed from the SPDs 206 through the appropriate SPGD204.

As an example, the user 102 may carry one SPGD 204 and have access to abuilt-in vehicle-based SPGD (e.g., while in or near the vehicle). Inthis example, power for the SPDs 206 (and the carried SPGD 204) may betaken directly from the vehicle power system. Large antennas associatedwith the vehicle may be used by any of the devices within range of thevehicle. Additional resources such as computing and storage may also beavailable, and more, with or without authentication of the SPDs 206.

In some embodiments, the user 102 may switch between one SPGD 204 and adifferent SPGD 204 to access a different carrier-based WAN network. Forexample, one SPD 206 can switch from one carrier WAN to a differentcarrier WAN by switching SPGDs 204. Similarly, each SPGD 204 may provideaccess to different private portals, or provide support for differentnetwork protocols or interfaces (e.g., when traveling internationally).

In some scenarios, SPGDs 204 may be daisy-chained together. For example,the user 102 may carry two or more SPGDs 204, and one or more of theseSPGDs 204 may communicate with at least one other SPGD 204 carried bythe user 102. Any daisy chaining of the SPGDs 204 is within the scope ofthe present disclosure.

The SPGD 204 may implement restrictions to limit access by the SPDs 206to the network(s) associated with the SPGD 204. For example, the SPGD204 may implement temporal restrictions (e.g., days, times, cumulativedurations), location-based restrictions (e.g., the SPGD 204 may only beused within particular regions, buildings, or other boundaries), and/orother restrictions. For example, a short-term, temporary, and/orpromotional SPGD 204 may be provided to the user 102 by an entity (e.g.,business, sponsor, etc.) to access only a particular network (e.g.,associated with the business, sponsor, etc.), only at a particularlocation, and/or only for a particular time/duration.

At least a portion of the functionality of the various elements in thefigures may be performed by other elements in the figures, or an entity(e.g., processor, web service, server, application program, computingdevice, etc.) not shown in the figures.

In some embodiments, the operations illustrated in the figures may beimplemented as software instructions encoded on a computer readablemedium, in hardware programmed or designed to perform the operations, orboth. For example, aspects of the disclosure may be implemented as asystem on a chip or other circuitry including a plurality ofinterconnected, electrically conductive elements.

While no personally identifiable information is tracked by aspects ofthe disclosure, embodiments have been described with reference to datamonitored and/or collected from the users 102. In some embodiments,notice may be provided to the users 102 of the collection of the data(e.g., via a dialog box or preference setting) and users 102 are giventhe opportunity to give or deny consent for the monitoring and/orcollection. The consent may take the form of opt-in consent or opt-outconsent.

Exemplary Operating Environment

An exemplary operating environment for the SPGD 204 and SPDs 206 is nextdescribed. In some embodiments, the SPGD 204 may be implemented usinganalog techniques to perform the operations described herein. Forexample, the operations may be performed by an analog computing deviceand/or a digital computing device.

In some embodiments, the memory area includes read-only memory and/ormemory wired into an analog computing device. Exemplary computerreadable media include flash memory drives, digital versatile discs(DVDs), compact discs (CDs), floppy disks, and tape cassettes. By way ofexample and not limitation, computer readable media comprise computerstorage media and communication media. Computer storage media includevolatile and nonvolatile, removable and non-removable media implementedin any method or technology for storage of information such as computerreadable instructions, data structures, program modules or other data.Computer storage media are tangible and mutually exclusive tocommunication media. In some embodiments, computer storage media areimplemented in hardware. Exemplary computer storage media include harddisks, flash drives, and other solid-state memory. In contrast,communication media typically embody computer readable instructions,data structures, program modules, or other data in a modulated datasignal such as a carrier wave or other transport mechanism and includeany information delivery media.

Communication between the SPGD 204 and SPDs 206 may occur using anyprotocol or mechanism over any wired or wireless connection. Further,the SPGD 204 and one or more of the SPDs 206 may be in wearable oraccessory form factors (e.g., watches, glasses, headsets, or earphones).

The SPD 206 may include a mobile computing device or any other portabledevice. In some embodiments, the mobile computing device includes amobile telephone, laptop, tablet, computing pad, netbook, programmableconsumer electronics, gaming device, and/or portable media player. TheSPD 206 may also include less portable devices such as desktop personalcomputers, kiosks, set top boxes, tabletop devices, industrial controldevices, wireless charging stations, and electric automobile chargingstations, if within the PAN 202 of the user 102. Additionally, the SPD206 may represent a group of processing units or other computingdevices.

At least a portion of the functionality of the various elementsdescribed herein may be performed by other elements, or an entity (e.g.,processor, web service, server, application program, computing device,etc.) not explicitly identified herein.

In some embodiments, the operations described herein may be implementedas software instructions encoded on a computer readable medium, inhardware programmed or designed to perform the operations, or both. Forexample, aspects of the disclosure may be implemented as a system on achip or other circuitry including a plurality of interconnected,electrically conductive elements.

The term “tethered” as used herein refers, in some embodiments, tosituations where one device acts as an access point for another devicefor network access. A tethered connection may occur over a wiredconnection or a wireless connection. The term “Wi-Fi” as used hereinrefers, in some embodiments, to a wireless local area network using highfrequency radio signals for the transmission of data. The term“BLUETOOTH” as used herein refers, in some embodiments, to a wirelesstechnology standard for exchanging data over short distances using shortwavelength radio transmission. The term “cellular” as used hereinrefers, in some embodiments, to a wireless communication system usingshort-range radio stations that, when joined together, enable thetransmission of data over a wide geographic area and/or metro-areanetworks such as white-space, satellite, WiMAX (WorldwideInteroperability for Microwave Access), and others. The term “NFC” asused herein refers, in some embodiments, to a short-range high frequencywireless communication technology for the exchange of data over shortdistances. The term “PAN” as used herein refers, in some embodiments, toany short-range network allowing multiple devices to interact. ExemplaryPANs 202 include, but are not limited to, wireless USB, Zigbee, 802.11d(60 GHz), and others.

Although described in connection with an exemplary computing systemenvironment, embodiments of the disclosure are capable of implementationwith numerous other general purpose or special purpose computing systemenvironments, configurations, or devices.

Examples of well-known computing systems, environments, and/orconfigurations that may be suitable for use with aspects of theinvention include, but are not limited to, mobile computing devices,personal computers, server computers, hand-held or laptop devices,multiprocessor systems, gaming consoles, microprocessor-based systems,set top boxes, programmable consumer electronics, mobile telephones,mobile computing and/or communication devices in wearable or accessoryform factors (e.g., watches, glasses, headsets, or earphones), networkPCs, minicomputers, mainframe computers, distributed computingenvironments that include any of the above systems or devices, and thelike. Such systems or devices may accept input from the user 102 in anyway, including from input devices such as a keyboard or pointing device,via gesture input, proximity input (such as by hovering), and/or viavoice input.

Embodiments of the invention may be described in the general context ofcomputer-executable instructions, such as program modules, executed byone or more computers or other devices in software, firmware, hardware,or a combination thereof. The computer-executable instructions may beorganized into one or more computer-executable components or modules.Generally, program modules include, but are not limited to, routines,programs, objects, components, and data structures that performparticular tasks or implement particular abstract data types. Aspects ofthe invention may be implemented with any number and organization ofsuch components or modules. For example, aspects of the invention arenot limited to the specific computer-executable instructions or thespecific components or modules illustrated in the figures and describedherein. Other embodiments of the invention may include differentcomputer-executable instructions or components having more or lessfunctionality than illustrated and described herein.

Aspects of the invention transform a general-purpose computer into aspecial-purpose computing device when configured to execute theinstructions described herein.

The embodiments illustrated and described herein as well as embodimentsnot specifically described herein but within the scope of aspects of theinvention constitute exemplary means for caching and sharing data amongSPDs 206 having heterogeneous communication modalities. For example,aspects of the disclosure as described herein constitute exemplary meansfor receiving data from the cloud service over a first communicationmodality, exemplary means for storing the received data in the SPGDcache 216 in the memory area, exemplary means for sharing the storeddata in the SPGD cache 216 with one or more of the SPDs 206 over asecond communication modality, exemplary means for storing in the SPGDcache 216 data received from a first one of the SPDs 206, and exemplarymeans for providing, from the SPGD cache 216, at least a portion of thestored data received from the first one of the SPDs 206 with a secondone of the SPDs 206 to maintain a consistent state between the first oneof the SPDs 206 and the second one of the SPDs 206.

Aspects of the disclosure described herein further constitute exemplarymeans for obtaining a first set of credentials via at least one of thesecurity modules 218, exemplary means for receiving, from at least oneof the plurality of SPDs 206, a request for the resource, exemplarymeans for authenticating the at least one of the plurality of SPDs 206,and exemplary means for providing the first set of credentials to the atleast one of the plurality of SPDs 206 based on the authentication.

The order of execution or performance of the operations in embodimentsof the invention illustrated and described herein is not essential,unless otherwise specified. That is, the operations may be performed inany order, unless otherwise specified, and embodiments of the inventionmay include additional or fewer operations than those disclosed herein.For example, it is contemplated that executing or performing aparticular operation before, contemporaneously with, or after anotheroperation is within the scope of aspects of the invention.

When introducing elements of aspects of the invention or the embodimentsthereof, the articles “a,” “an,” “the,” and “said” are intended to meanthat there are one or more of the elements. The terms “comprising,”“including,” and “having” are intended to be inclusive and mean thatthere may be additional elements other than the listed elements. Theterm “exemplary” is intended to mean “an example of” The phrase “one ormore of the following: A, B, and C” means “at least one of A and/or atleast one of B and/or at least one of C.”

Having described aspects of the invention in detail, it will be apparentthat modifications and variations are possible without departing fromthe scope of aspects of the invention as defined in the appended claims.As various changes could be made in the above constructions, products,and methods without departing from the scope of aspects of theinvention, it is intended that all matter contained in the abovedescription and shown in the accompanying drawings shall be interpretedas illustrative and not in a limiting sense.

What is claimed is:
 1. A system for caching and sharing data among smartpersonal devices (SPDs) having heterogeneous communication modalities,said system comprising: a memory area associated with a smart personalgateway device (SPGD), the memory area storing an SPGD cache maintainedby the SPGD and accessible to a plurality of SPDs, the SPGD and theplurality of SPDs being connected by a personal area network (PAN); andan SPGD processor programmed to: receive data from a cloud service overa first communication modality; store the received data in the SPGDcache in the memory area; share the stored data in the SPGD cache withone or more of the SPDs over a second communication modality, at leastone of the one or more of the SPDs lacking support for the firstcommunication modality; store, in the SPGD cache, data received from afirst one of the SPDs; and provide, from the SPGD cache, at least aportion of the stored data received from the first one of the SPDs witha second one of the SPDs to maintain a consistent state between thefirst one of the SPDs and the second one of the SPDs.
 2. The system ofclaim 1, wherein the first communication modality includes cellularradio transmissions, wherein the second communication modality includeswireless fidelity (Wi-Fi) radio transmissions, and wherein the SPGDprocessor is programmed to receive movie data from the cloud service andsubsequently share the received movie data with the one or more of theSPDs on demand.
 3. The system of claim 1, wherein the data received fromthe first one of the SPDs comprises user data, and wherein the user datacomprises at least one of: search history, web site favorites,copy-and-paste data, undo/redo data, electronic mail address completiondata, and previous map destinations.
 4. The system of claim 1, whereinthe data received from the first one of the SPDs includes user interfacepersonalization information comprising at least one of: data indicatingwhether a user of the first one of the SPDs is right- or left-handed, ascreen brightness value for an ambient light sensor (ALS), datadescribing preferred gestures, speech recognition hints, or languageselections.
 5. The system of claim 1, wherein the SPGD processor isprogrammed to receive data relating to asynchronous services from thecloud service over the first communication modality, wherein theasynchronous services include at least one of voicemail, electronicmail, or video messaging.
 6. The system of claim 1, wherein the SPGDprocessor is programmed to delay requests, from the plurality of SPDs,for data from the cloud service until the SPGD establishes a low-costconnection via the first communication modality.
 7. A method comprising:requesting, by one of a plurality of smart personal devices (SPDs), datafrom a cloud service, the plurality of SPDs being connected to a smartpersonal gateway device (SPGD) by a personal area network (PAN), whereinthe SPGD obtains the requested data over a first communication modalityand stores the obtained data in an SPGD cache associated with the SPGD;and obtaining, by the one of the plurality of SPDs, the requested datafrom the SPGD cache over a second communication modality, the one of theplurality of SPDs lacking support for the first communication modality.8. The method of claim 7, further comprising providing, by a first oneof the plurality of SPDs, state data to the SPGD for storage by the SPGDin the SPGD cache, wherein a second one of the plurality of SPDs obtainsat least a portion of the stored state data from the SPGD cache via theSPGD to maintain a consistent state between the first one of theplurality of SPDs and the second one of the plurality of SPDs.
 9. Themethod of claim 8, wherein providing the state data comprises providingtask data describing a partially-completed task.
 10. The method of claim8, wherein providing the state date comprises providing a pointer to alocation within content stored in the SPGD cache, wherein the second oneof the plurality of SPDs obtains the pointer from the SPGD cache toresume display of the content on the second one of the plurality ofSPDs.
 11. The method of claim 10, wherein the second one of theplurality of SPDs resumes display of the content when the first one ofthe plurality of SPDs is no longer connected to the PAN.
 12. The methodof claim 7, further comprising receiving, by the one of the plurality ofSPDs, the requested data from the SPGD cache.
 13. The method of claim 7,wherein obtaining the requested data from the SPGD cache comprisesobtaining the requested data when the first communication modality isunavailable.
 14. The method of claim 7, wherein the SPGD is one of aplurality of SPGDs available to the one of the plurality of SPDs, andfurther comprising selecting at least one of the plurality of SPGDs fromwhich to obtain the requested data.
 15. The method of claim 7, whereinrequesting the data from the cloud service comprises requesting at leastone of: music, images, videos, a news feed, an application update, anoperating system update, an electronic mail attachment, or socialnetworking feed content.
 16. A smart personal gateway device (SPGD)comprising: one or more security modules; a memory area associated witha smart personal gateway device (SPGD), the memory area storing an SPGDcache maintained by the SPGD and accessible to a plurality of smartpersonal devices (SPDs), the SPGD and the plurality of SPDs beingconnected by a personal area network (PAN); and an SPGD processorprogrammed to: obtain a first set of credentials via at least one of thesecurity modules, the first set of credentials providing access to aresource; receive, from at least one of the plurality of SPDs, a requestfor the resource, the at least one of the plurality of SPDs lacking theat least one of the security modules for obtaining the first set ofcredentials; authenticate the at least one of the plurality of SPDs; andprovide the first set of credentials to the at least one of theplurality of SPDs based on the authentication, wherein the at least oneof the plurality of SPDs accesses the resource via the first ofcredentials provided by the SPGD.
 17. The smart personal gateway deviceof claim 16, wherein the at least one of the security modules allowsaccess to the resource otherwise not accessible by the at least one ofthe plurality of SPDs.
 18. The smart personal gateway device of claim16, wherein the one or more security modules comprise a trusted platformmodule (TPM) storing login information corresponding to one or more ofthe plurality of SPDs, and wherein the SPGD processor is furtherprogrammed to offer the login information from the TPM on behalf of thecorresponding one or more of the plurality of SPDs when thecorresponding one or more of the plurality of SPDs attempt to connect toa cloud service.
 19. The smart personal gateway device of claim 16,wherein the SPGD further comprises a near field communication (NFC)radio and coil, the SPGD processor further being programmed to performfinancial transactions on behalf of the plurality of SPDs using the NFCradio and coil.
 20. The smart personal gateway device of claim 16,wherein the SPGD processor is further programmed to perform packetinspection on incoming data packets to the PAN to implement a firewall.